The Vulnerability Assessment consists of a vulnerability scan against the target systems, aiming to identify known software flaws and misconfigurations. The typical attributes of the scanning include the following:
The objective of the Vulnerability Assessment is to validate the minimum level of security that should be applied to the scanned systems. By definition, as opposed to a Penetration Test, it does not involve exploitation of the identified security flaws and it is performed using industry-leading automated tools.